Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-3438HistoryAug 05, 2015 - 1:59 a.m.
CVE-2015-3438
2015-08-0501:59:00
Debian Security Bug Tracker
security-tracker.debian.org
19
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.028 Low
EPSS
Percentile
90.5%
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted character in a comment.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 4.2+dfsg-1 | wordpress_4.2+dfsg-1_all.deb |
| Debian | 11 | all | wordpress | < 4.2+dfsg-1 | wordpress_4.2+dfsg-1_all.deb |
| Debian | 10 | all | wordpress | < 4.2+dfsg-1 | wordpress_4.2+dfsg-1_all.deb |
| Debian | 999 | all | wordpress | < 4.2+dfsg-1 | wordpress_4.2+dfsg-1_all.deb |
| Debian | 13 | all | wordpress | < 4.2+dfsg-1 | wordpress_4.2+dfsg-1_all.deb |
Related
patchstack
patchstack
WordPress <= 4.1.1 - Multiple XSS
2015-04-28 00:00:00
prion
prion
Cross site scripting
2015-08-05 01:59:00
openvas
openvas
WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities - Linux
2015-10-12 00:00:00
WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities - Windows
2015-10-12 00:00:00
Fedora Update for wordpress FEDORA-2015-6808
2015-06-09 00:00:00
cve
cve
CVE-2015-3438
2015-08-05 01:59:00
wpvulndb
wpvulndb
WordPress <= 4.1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)
2015-04-21 00:00:00
ubuntucve
ubuntucve
CVE-2015-3438
2015-08-05 00:00:00
nessus
nessus
WordPress < 3.7.6 / 3.8.6 / 3.9.4 / 4.1.2 Multiple Vulnerabilities
2015-04-24 00:00:00
Fedora 22 : wordpress-4.2.1-1.fc22 (2015-6778)
2015-05-11 00:00:00
Debian DSA-3250-1 : wordpress - security update
2015-05-05 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: wordpress-4.2.1-1.fc22
2015-05-08 07:45:51
[SECURITY] Fedora 21 Update: wordpress-4.2.2-1.fc21
2015-05-20 18:47:30
[SECURITY] Fedora 20 Update: wordpress-4.2.2-1.fc20
2015-05-20 18:49:22
debian
debian
[SECURITY] [DSA 3250-1] wordpress security update
2015-05-04 18:51:10
[SECURITY] [DLA 236-1] wordpress security update
2015-06-01 12:11:49
osv
osv
wordpress - security update
2015-05-04 00:00:00
wordpress - security update
2015-06-01 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3250-1] wordpress security update
2015-05-11 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.028 Low
EPSS
Percentile
90.5%
Related for DEBIANCVE:CVE-2015-3438